Vulnerability Management, Patch/Configuration Management

CitrixBleed 2 patching lags amid emergence of exploits

A sign is posted in front of a Citrix office complex

Numerous Citrix NetScaler ADC and NetScaler Gateway instances were discovered by watchTowr Labs researchers to remain unpatched against the critical severity CitrixBleed 2 flaw, tracked as CVE-2025-5777, amid the growing prevalence of circulating exploits, reports The Register.

Vulnerable Citrix Gateway login endpoints could be targeted with repeated specially crafted HTTP requests with an incomplete login value to force in-memory exposure of session tokens that could be leveraged for subsequent takeover attacks, according to watchTowr Labs researchers, who noted the potential of their proof-of-concept exploit to eventually yield valuable data. "[W]e believe, for reasons, that 'production' environments with VPN connections established would allow us to more trivially see sensitive information within captured memory leaks," said the report. Other PoCs have also been presented by Horizon3.ai and Wiz researchers, with the latter warning about their working exploit's potential inclusion in malicious actors' attack arsenals.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds